Jump to content

AfterAd-Aware SEremoval, still appears

Guest labfuji

By Guest labfuji
in Windows 2000 Workstation

 Share

Recommended Posts

Guest labfuji

Guest labfuji

Posted
Posted

+sorry just repost in the appropriate OS newsgroup

 

Ran the Ad-Aware SE scan found and deleted it. So it says but when I rescan

it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe mode).

Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

 

which when I go to the registry/location and expand there are 2 items

+ InprocServer32 - hightlight and right pan shows

default REG_SZ C:\DOC & SettING\ALL USERS\APPLICATION

DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL

Threading Model REG_SZ Apartment

 

+TypeLib and hightlight and right pan shows

the default REG_SZ {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

 

can some advice what shall I do here? On item 1 do I hightlight the

Threading Model on the right pan and delete this item or instead of

'Apartment' leave it blank o

 

Many thanks for your education.

  • Replies 3
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: AfterAd-Aware SEremoval, still appears

 

Hello labfuji,

 

What posting are you talking about? Subject: Heur/Malware?

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm

> +sorry just repost in the appropriate OS newsgroup

>

> Ran the Ad-Aware SE scan found and deleted it. So it says but when I

> rescan it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe

> mode). Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

>

> which when I go to the registry/location and expand there are 2 items

> + InprocServer32 - hightlight and right pan shows default REG_SZ

> C:\DOC & SettING\ALL USERS\APPLICATION

> DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL Threading Model REG_SZ Apartment

>

> +TypeLib and hightlight and right pan shows the default REG_SZ

> {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

>

> can some advice what shall I do here? On item 1 do I hightlight the

> Threading Model on the right pan and delete this item or instead of

> 'Apartment' leave it blank o

>

> Many thanks for your education.

>

Guest labfuji

Guest labfuji

Posted
Posted

Re: AfterAd-Aware SEremoval, still appears

 

In the broad sense, guess they are related as the pc is infected. On the

second posting is really how can I remove the infection manually of the

Ad-Aware SE scan result which shows "Win32 AdWare.Cinmus "

Hope this clarify your point and thanks

 

 

"Meinolf Weber" wrote:

> Hello labfuji,

>

> What posting are you talking about? Subject: Heur/Malware?

>

> Best regards

>

> Meinolf Weber

> Disclaimer: This posting is provided "AS IS" with no warranties, and confers

> no rights.

> ** Please do NOT email, only reply to Newsgroups

> ** HELP us help YOU!!! http://www.dts-l.org/goodpost.htm

>

> > +sorry just repost in the appropriate OS newsgroup

> >

> > Ran the Ad-Aware SE scan found and deleted it. So it says but when I

> > rescan it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe

> > mode). Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

> >

> > which when I go to the registry/location and expand there are 2 items

> > + InprocServer32 - hightlight and right pan shows default REG_SZ

> > C:\DOC & SettING\ALL USERS\APPLICATION

> > DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL Threading Model REG_SZ Apartment

> >

> > +TypeLib and hightlight and right pan shows the default REG_SZ

> > {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

> >

> > can some advice what shall I do here? On item 1 do I hightlight the

> > Threading Model on the right pan and delete this item or instead of

> > 'Apartment' leave it blank o

> >

> > Many thanks for your education.

> >

>

>

>

Guest Frank Booth Snr

Guest Frank Booth Snr

Posted
Posted

Re: AfterAd-Aware SEremoval, still appears

 

labfuji wrote:

> +sorry just repost in the appropriate OS newsgroup

>

> Ran the Ad-Aware SE scan found and deleted it. So it says but when I rescan

> it, Win32 AdWare.Cinmus still show up (either in Normal ot Safe mode).

> Its location CLSID \{385ABBC-FB22-4D17-8834-064E2BA0A6F0}

>

> which when I go to the registry/location and expand there are 2 items

> + InprocServer32 - hightlight and right pan shows

> default REG_SZ C:\DOC & SettING\ALL USERS\APPLICATION

> DATA\MICROSOFT\PCTOOLS\PCTOOLS.DLL

> Threading Model REG_SZ Apartment

>

> +TypeLib and hightlight and right pan shows

> the default REG_SZ {385ABBC-FB22-4D17-8834-064E2BA0A6F0}

>

> can some advice what shall I do here? On item 1 do I hightlight the

> Threading Model on the right pan and delete this item or instead of

> 'Apartment' leave it blank o

>

It sounds like it's part of a download from Microsoft. I suggest this is

not a necessary part of Win2k, unless you intentionally downloaded some

update from MS. First back up your registry. Open registry, starting at

the top, go to edit/find then type in pc toools and delete every

instance of it, but be careful not to delete anything else. I'd also

delete the pctools folder and the files it contains from the C: drive.

Reboot the PC and see what happens.

 Share
Go to topic listing
×
×
  • Create New...